<?php
class AdminAction extends AdminBaseAction{
	protected function chkSession() {
		if ($_SESSION['username'] == "") {
			$this->error("出错了");
		}
	}
	
	public function login(){
		$this->display();
	}
	
	public function verify(){
		$type = isset($_GET['type'])?$_GET['type']:'gif';
        import("@.ORG.Image");
        Image::buildImageVerify(4,1,$type);
    }
	
	public function chkLogin(){
		//改变返回数据类型
		C('DEFAULT_AJAX_RETURN','EVAL');
		
		//服务器端验证
		if(empty($_POST['username'])) {
			$this->error('用户名不能为空');
		} elseif (empty($_POST['password'])) {
			$this->error('密码不能为空');
		} elseif (empty($_POST['verify'])) {
			$this->error('验证码不能为空');
		}
		
		// 创建用于验证的数组
		$map = array();
		$map['username'] = trim($_POST['username']);
		
		//数据库验证
		
		$Admin = M('Admin')->where($map)->find();//echo M('Admin')->getlastsql();
		//dump($Admin, $echo=true, $label=null);
		
		//判断是否是管理员
		if ($Admin) {
			if($_SESSION['verify'] != md5($_POST['verify'])) {
				$this->ajaxReturn('验证码不对');	
			} else if(md5($_POST['password']) != $Admin['password']) {
				$this->ajaxReturn('密码不对');
			} else {
				//建立session
				$_SESSION['username'] = $Admin['username'];
				$_SESSION['aid'] = $Admin['aid'];
				
				//建立用户数据组，用于更新用户登陆次数和IP等
				$data = array();
				$data['aid']	=	$Admin['aid'];
				$data['last_login_time'] = time();
				$data['login_count'] += 1;
                                Load('extend');
				$data['last_login_ip'] = get_client_ip();
				M('Admin')->save($data);
			}
		} else {
			$this->ajaxReturn('登陆出错');
		}
	}
	
	public function top() {
		$this->chkSession();
		$this->assign('username',$_SESSION['username']);
		$this->display();
	}
	
	public function index() {
		$this->chkSession();
		$this->display();
	}
	public function loginOut() {
		session_destroy();
		$this->redirect('admin/login');
	}
	
	public function left() {
		$this->chkSession();
		$class = $_GET['class'];
		if($class=='nav1') {
			$this->assign('class','nav1');
		} elseif($class=='nav2') {
			$this->assign('class','nav2');
		} elseif($class=='nav3') {
			$this->assign('class','nav3');
		} else {
			$this->assign('class','nav1');
		}
		$this->display();
	}
	
	public function editpassword() {
		$this->chkSession();
		$this->assign('username',$_SESSION['username']);
		$this->display();	
	}
	
	public function savechangepassword() {
		$this->chkSession();
		
		//改变返回数据类型
		C('DEFAULT_AJAX_RETURN','EVAL');
		
		//服务器端验证
		if (empty($_SESSION['username'])) {
			$this->error('用户名不能为空');
		} elseif (empty($_POST['password'])) {
			$this->error('密码不能为空');
		} elseif (empty($_POST['password2'])) {
			$this->error('确认密码不能为空');
		} elseif (trim($_POST['password']) != trim($_POST['password2'])) {
			$this->ajaxReturn('二次密码不一样');
		}
		
		//创建验证数组
		$map = array();
		$map['username'] = trim($_POST['username']);
		$map['password'] = md5(trim($_POST['password']));
		$map['aid'] = $_SESSION['aid'];
		
		//数据库验证
		M('Admin')->save($map);
		
		$this->ajaxReturn('修改成功');	
	}
}
?>